var config = require('../conf/config');
var response = require('./response');
var remoteRequest = require('../util/remoteRequest');
var xss = require('../util/htmlXss');


// Login interception (authentication gate)
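/**
 * Middleware that lets a request through only when the session carries a
 * logged-in user, sanitising route params and body on the way.
 *
 * Requests without a session user are rejected with
 * config.errorCode.noLogin, except when config.currEvn is 'test', where
 * the login check is skipped.
 *
 * NOTE(review): the 'test' bypass disables authentication for every route
 * behind this middleware. A deployment that ships with currEvn set to
 * 'test' is fully open; confirm the value cannot reach production config.
 *
 * NOTE(review): req.query is not passed through xss(); confirm whether
 * downstream handlers read query-string values.
 *
 * @param {Object} req - request; reads req.session.user, rewrites req.params and req.body
 * @param {Object} res - response, used only to send the not-logged-in error
 * @param {Function} next - continues to the next handler
 */
exports.loginAuth = function(req, res, next){
	// Sanitise on every path that reaches next(), so the test-mode bypass
	// hands handlers the same filtered input as a logged-in request.
	var passThrough = function() {
		req.params = xss(req.params);
		req.body = xss(req.body);
		next();
	};

	// Fail closed when no session object is attached to the request
	// instead of throwing on the property read.
	var loggedIn = Boolean(req.session && req.session.user);

	if (loggedIn) {
		passThrough();
		return;
	}

	if (config.currEvn === 'test') {
		passThrough();
		return;
	}

	response.error(res, config.errorCode.noLogin);
};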

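/**
 * Logs which session user is leaving, then delegates to req.logout().
 *
 * NOTE(review): loginAuth in this file treats req.session.user as the login
 * marker. Confirm that req.logout() clears that field or destroys the
 * session; otherwise the session stays authenticated after logout.
 *
 * NOTE(review): nothing is written to `res` here; confirm that req.logout()
 * or a later handler ends the request.
 *
 * @param {Object} req - request; reads req.session.user and calls req.logout()
 * @param {Object} res - response (unused in this handler)
 */
exports.logout = function(req, res){
	// A request that arrives without a session object must not throw on
	// the property read; the user is then logged as undefined.
	var user = req.session ? req.session.user : undefined;
	console.info('用户%s退出!', user);
	req.logout();
};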

// Perform login verification on first login
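/**
 * First-login handler: passes the request body to
 * remoteRequest.validUserToken and, on success, marks the session as
 * logged in and returns the session id to the client.
 *
 * On failure the client receives config.errorCode.tokenAuthError.
 *
 * NOTE(review): the stored identity is req.body.user as sent by the client,
 * not a value taken from the remote reply (`data` is unused). Confirm the
 * remote check binds the token to that exact user value.
 *
 * NOTE(review): the session id is returned in the response body; confirm
 * the client needs it there and that responses are not cached or logged.
 *
 * @param {Object} req - request; reads req.body, writes req.session.user
 * @param {Object} res - response used for the data / error reply
 */
exports.validUserToken = function(req, res){
    remoteRequest.validUserToken(req.body, function(isSucceed, data) {
        if (!isSucceed) {
            response.error(res, config.errorCode.tokenAuthError);
            return;
        }

        // Without a session object there is nothing to mark as logged in.
        // Reply with an error rather than throwing inside this callback.
        if (!req.session) {
            response.error(res, config.errorCode.tokenAuthError);
            return;
        }

        var user = req.body.user;

        var establish = function() {
            req.session.user = user;
            response.data(res, req.sessionID);
        };

        // Issue a fresh session id at the moment of login so that an id
        // known before authentication is never promoted to a logged-in
        // session (session fixation). Falls back to the previous behaviour
        // when the session object offers no regenerate().
        if (typeof req.session.regenerate === 'function') {
            req.session.regenerate(function(err) {
                if (err) {
                    response.error(res, config.errorCode.tokenAuthError);
                    return;
                }
                establish();
            });
        } else {
            establish();
        }
    });
};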